RLSA-2026:19068 Moderate: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

EUVD-2026-31941

Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands with elevated privileges via local IPC channel...

CVE-2026-9560

Summary: CVE-2026-9560 affects OpenVPN Connect for macOS (versions 3.5.1–3.8.1). Affected component is the background service that can escalate privileges via a local IPC channel, allowing an attacker to execute arbitrary commands with elevated privileges. The CVSS metrics indicate a high-impact,...

Falco 0.44.0

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco...

PT-2026-42468

Name of the Vulnerable Software and Affected Versions Trend Micro TrendAI Apex One affected versions not specified TrendAI Apex One as a Service affected versions not specified Description An origin validation issue in the Apex One/SEP agent allows a local attacker to escalate privileges. This fl...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021567)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021567 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function When a reset notify IPC...

systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication IPC API call with spurious data. In older versions v249 and earlier, this can lead to stack overwriting with attacker-controlled content,...

ALSA-2026:19068 Moderate: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

RHEL 9 : systemd (RHSA-2026:19213)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19213 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive...

Kazuar: Anatomy of a nation-state botnet

In this article 1. Delivery 2. Module types 3. Botnet operations 4. Who is Secret Blizzard? 5. Mitigation and protection guidance 6. Microsoft Defender detections Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for...

CVE-2026-42045

LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, when LobeChat processes custom tags in the Render process of src/features/Portal/Artifacts/Body/Renderer/index.tsx, if no type match is found, it will choose to call the...

CVE-2026-43411

A flaw was found in the Linux kernel's TIPC Transparent Inter-Process Communication protocol. A local user can trigger a divide-by-zero error by setting a specific connection timeout value. This can lead to a kernel panic, effectively causing a Denial of Service DoS on the affected system...

Electerm's full process.env exposed to renderer via window.pre.env

Impact The getConstants IPC handler in src/app/lib/ipc-sync.js serialises the entire process.env object and sends it to the renderer. The data is stored as window.pre.env and is accessible from any JavaScript running in the renderer e.g., via the DevTools console or a compromised webview context...

CVE-2026-34354

Akamai Guardicore Platform Agent GPA and Zero Trust Client on Linux and macOS allow TOCTOU-based local privilege escalation. The GPA service creates an IPC socket in the world-writable /tmp directory. It accepts unauthenticated IPC control messages. This enables a TOCTOU vulnerability in the...

CVE-2026-43942

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In versions 3.8.15 and prior, the getConstants IPC handler in src/app/lib/ipc-sync.js serialises the entire process.env object and sends it to the renderer. The data is stored as window.pre.env and is...

CVE-2026-43942

electerm versions 3.8.15 and prior are affected by an IPC vulnerability: the getConstants() handler serialises the entire process.env and exposes it to the renderer as window.pre.env. Any attacker able to execute JavaScript in the renderer could exfiltrate these secrets to a remote server, enabli...

PT-2026-39145

Name of the Vulnerable Software and Affected Versions Akamai Guardicore Platform Agent versions 7.0 through 7.3.1 Akamai Zero Trust Client versions 6.0 through 6.1.5 Akamai Guardicore Platform Agent affected versions not specified Description Local privilege escalation is possible on Linux and...

Electerm 信息泄露漏洞

Electerm is a SSH/SFTP client developed by ZXDong262 from China, based on Electron. Versions of Electerm 3.8.15 and earlier contained an information leakage vulnerability. This vulnerability stemmed from the getConstants IPC processor, which serialized the entire process.env object and sent it to...

CVE-2026-34354

Akamai Guardicore Platform Agent GPA and Zero Trust Client on Linux and macOS allow TOCTOU-based local privilege escalation. The GPA service creates an IPC socket in the world-writable /tmp directory. It accepts unauthenticated IPC control messages. This enables a TOCTOU vulnerability in the...

Command Injection

Overview @lobehub/lobehub is a LobeHub - an open-source,comprehensive AI Agent framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application. Affected versions of this package are...